我正在尝试在Springboot应用程序中使用BCFIPS提供商。运行SprintBoot可执行战争文件后,它将抛出以下错误。如果有人对此有任何想法,我找不到有关此错误的任何信息。
@SpringBootApplication
public class TestApplication extends SpringBootServletInitializer {
public static void main(String[] args) {
if (Security.getProvider("BCFIPS") == null) {
Security.insertProviderAt(new BouncyCastleFipsProvider(), 1);
}
SpringApplication.run(TestApplication.class, args);
}
}
错误:
Caused by: org.bouncycastle.crypto.fips.FipsOperationError: Module checksum failed: entry
at org.bouncycastle.crypto.fips.FipsStatus.checksumValidate(Unknown Source)
at org.bouncycastle.crypto.fips.FipsStatus.isReady(Unknown Source)
at org.bouncycastle.crypto.CryptoServicesRegistrar.getDefaultMode(Unknown Source)
at org.bouncycastle.crypto.CryptoServicesRegistrar.<clinit>(Unknown Source)
at org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider.<init>(Unknown Source)
at org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider.<init>(Unknown Source)
at org.bouncycastle.jcajce.provider.BouncyCastleFipsProvider.<init>(Unknown Source)
您可能需要再次下载bc-fips.jar并检查校验和。
另外,当您在主要方法中执行此操作时,它不起作用。(这是使用Spring-boot 1.5.11释放)
@SpringBootApplication
public class TestApplication {
public static void main(String[] args) {
SpringApplication.run(TestApplication.class, args);
}
@Bean
public Cipher cbcCipher() throws GeneralSecurityException {
Security.addProvider(new BouncyCastleFipsProvider());
return Cipher.getInstance("AES/CBC/PKCS7Padding", "BCFIPS");
}
}